mirror of
https://github.com/spring-projects/spring-security.git
synced 2025-07-06 10:42:33 +00:00
Converted to use jmock.
This commit is contained in:
Luke Taylor
parent
72eee6f1ca
commit
9ab69ddcaf
@ -15,52 +15,64 @@
|
|||||||
|
|
||||||
package org.springframework.security.ui.rememberme;
|
package org.springframework.security.ui.rememberme;
|
||||||
|
|
||||||
import junit.framework.TestCase;
|
import static org.junit.Assert.*;
|
||||||
|
|
||||||
|
import java.util.Date;
|
||||||
|
import javax.servlet.http.Cookie;
|
||||||
|
|
||||||
|
import org.jmock.Expectations;
|
||||||
|
import org.jmock.Mockery;
|
||||||
|
import org.jmock.integration.junit4.JUnit4Mockery;
|
||||||
|
import org.junit.Before;
|
||||||
|
import org.junit.Test;
|
||||||
import org.springframework.security.Authentication;
|
import org.springframework.security.Authentication;
|
||||||
import org.springframework.security.GrantedAuthority;
|
|
||||||
import org.springframework.security.GrantedAuthorityImpl;
|
|
||||||
|
|
||||||
import org.springframework.security.providers.TestingAuthenticationToken;
|
import org.springframework.security.providers.TestingAuthenticationToken;
|
||||||
|
|
||||||
import org.springframework.security.userdetails.User;
|
import org.springframework.security.userdetails.User;
|
||||||
import org.springframework.security.userdetails.UserDetails;
|
import org.springframework.security.userdetails.UserDetails;
|
||||||
import org.springframework.security.userdetails.UserDetailsService;
|
import org.springframework.security.userdetails.UserDetailsService;
|
||||||
import org.springframework.security.userdetails.UsernameNotFoundException;
|
import org.springframework.security.userdetails.UsernameNotFoundException;
|
||||||
|
import org.springframework.security.util.AuthorityUtils;
|
||||||
|
import org.springframework.dao.DataAccessException;
|
||||||
|
import org.springframework.mock.web.MockHttpServletRequest;
|
||||||
|
import org.springframework.mock.web.MockHttpServletResponse;
|
||||||
|
import org.springframework.util.StringUtils;
|
||||||
|
|
||||||
import org.apache.commons.codec.binary.Base64;
|
import org.apache.commons.codec.binary.Base64;
|
||||||
import org.apache.commons.codec.digest.DigestUtils;
|
import org.apache.commons.codec.digest.DigestUtils;
|
||||||
|
|
||||||
import org.springframework.dao.DataAccessException;
|
|
||||||
|
|
||||||
import org.springframework.mock.web.MockHttpServletRequest;
|
|
||||||
import org.springframework.mock.web.MockHttpServletResponse;
|
|
||||||
|
|
||||||
import org.springframework.util.StringUtils;
|
|
||||||
|
|
||||||
import java.util.Date;
|
|
||||||
|
|
||||||
import javax.servlet.http.Cookie;
|
|
||||||
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Tests {@link org.springframework.security.ui.rememberme.TokenBasedRememberMeServices}.
|
* Tests {@link org.springframework.security.ui.rememberme.TokenBasedRememberMeServices}.
|
||||||
*
|
*
|
||||||
* @author Ben Alex
|
* @author Ben Alex
|
||||||
* @version $Id$
|
* @version $Id$
|
||||||
*/
|
*/
|
||||||
public class TokenBasedRememberMeServicesTests extends TestCase {
|
public class TokenBasedRememberMeServicesTests {
|
||||||
//~ Constructors ===================================================================================================
|
private Mockery jmock = new JUnit4Mockery();
|
||||||
|
private UserDetailsService uds;
|
||||||
public TokenBasedRememberMeServicesTests() {
|
private UserDetails user = new User("someone", "password", true, true, true, true,
|
||||||
}
|
AuthorityUtils.createAuthorityList("ROLE_ABC"));
|
||||||
|
private TokenBasedRememberMeServices services;
|
||||||
public TokenBasedRememberMeServicesTests(String arg0) {
|
private Expectations udsWillReturnUser;
|
||||||
super(arg0);
|
private Expectations udsWillThrowNotFound;
|
||||||
}
|
|
||||||
|
|
||||||
//~ Methods ========================================================================================================
|
//~ Methods ========================================================================================================
|
||||||
|
|
||||||
|
@Before
|
||||||
|
public void createTokenBasedRememberMeServices() {
|
||||||
|
services = new TokenBasedRememberMeServices();
|
||||||
|
uds = jmock.mock(UserDetailsService.class);
|
||||||
|
services.setKey("key");
|
||||||
|
services.setUserDetailsService(uds);
|
||||||
|
udsWillReturnUser = new Expectations() {{
|
||||||
|
oneOf(uds).loadUserByUsername(with(aNonNull(String.class))); will(returnValue(user));
|
||||||
|
}};
|
||||||
|
udsWillThrowNotFound = new Expectations() {{
|
||||||
|
oneOf(uds).loadUserByUsername(with(aNonNull(String.class)));
|
||||||
|
will(throwException(new UsernameNotFoundException("")));
|
||||||
|
}};
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
private long determineExpiryTimeFromBased64EncodedToken(String validToken) {
|
private long determineExpiryTimeFromBased64EncodedToken(String validToken) {
|
||||||
String cookieAsPlainText = new String(Base64.decodeBase64(validToken.getBytes()));
|
String cookieAsPlainText = new String(Base64.decodeBase64(validToken.getBytes()));
|
||||||
String[] cookieTokens = StringUtils.delimitedListToStringArray(cookieAsPlainText, ":");
|
String[] cookieTokens = StringUtils.delimitedListToStringArray(cookieAsPlainText, ":");
|
||||||
@ -84,54 +96,31 @@ public class TokenBasedRememberMeServicesTests extends TestCase {
|
|||||||
return tokenValueBase64;
|
return tokenValueBase64;
|
||||||
}
|
}
|
||||||
|
|
||||||
public void testAutoLoginIfDoesNotPresentAnyCookies() throws Exception {
|
@Test
|
||||||
TokenBasedRememberMeServices services = new TokenBasedRememberMeServices();
|
public void autoLoginReturnsNullIfNoCookiePresented() throws Exception {
|
||||||
services.setKey("key");
|
|
||||||
services.setUserDetailsService(new MockAuthenticationDao(null, true));
|
|
||||||
//services.afterPropertiesSet();
|
|
||||||
|
|
||||||
MockHttpServletRequest request = new MockHttpServletRequest();
|
|
||||||
request.setRequestURI("dc");
|
|
||||||
|
|
||||||
MockHttpServletResponse response = new MockHttpServletResponse();
|
MockHttpServletResponse response = new MockHttpServletResponse();
|
||||||
|
|
||||||
Authentication result = services.autoLogin(request, response);
|
Authentication result = services.autoLogin(new MockHttpServletRequest(), response);
|
||||||
|
|
||||||
assertNull(result);
|
assertNull(result);
|
||||||
|
// No cookie set
|
||||||
Cookie returnedCookie = response.getCookie(TokenBasedRememberMeServices.SPRING_SECURITY_REMEMBER_ME_COOKIE_KEY);
|
assertNull(response.getCookie(TokenBasedRememberMeServices.SPRING_SECURITY_REMEMBER_ME_COOKIE_KEY));
|
||||||
assertNull(returnedCookie); // shouldn't try to invalidate our cookie
|
|
||||||
}
|
}
|
||||||
|
|
||||||
public void testAutoLoginIfDoesNotPresentRequiredCookie() throws Exception {
|
@Test
|
||||||
TokenBasedRememberMeServices services = new TokenBasedRememberMeServices();
|
public void autoLoginIgnoresUnrelatedCookie() throws Exception {
|
||||||
services.setKey("key");
|
|
||||||
services.setUserDetailsService(new MockAuthenticationDao(null, true));
|
|
||||||
//services.afterPropertiesSet();
|
|
||||||
|
|
||||||
Cookie cookie = new Cookie("unrelated_cookie", "foobar");
|
Cookie cookie = new Cookie("unrelated_cookie", "foobar");
|
||||||
MockHttpServletRequest request = new MockHttpServletRequest();
|
MockHttpServletRequest request = new MockHttpServletRequest();
|
||||||
request.setCookies(new Cookie[] {cookie});
|
request.setCookies(new Cookie[] {cookie});
|
||||||
|
|
||||||
MockHttpServletResponse response = new MockHttpServletResponse();
|
MockHttpServletResponse response = new MockHttpServletResponse();
|
||||||
|
|
||||||
Authentication result = services.autoLogin(request, response);
|
Authentication result = services.autoLogin(request, response);
|
||||||
|
|
||||||
assertNull(result);
|
assertNull(result);
|
||||||
|
assertNull(response.getCookie(TokenBasedRememberMeServices.SPRING_SECURITY_REMEMBER_ME_COOKIE_KEY));
|
||||||
Cookie returnedCookie = response.getCookie(TokenBasedRememberMeServices.SPRING_SECURITY_REMEMBER_ME_COOKIE_KEY);
|
|
||||||
assertNull(returnedCookie); // shouldn't try to invalidate our cookie
|
|
||||||
}
|
}
|
||||||
|
|
||||||
public void testAutoLoginIfExpired() throws Exception {
|
@Test
|
||||||
UserDetails user = new User("someone", "password", true, true, true, true,
|
public void autoLoginReturnsNullForExpiredCookieAndClearsCookie() throws Exception {
|
||||||
new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_ABC")});
|
|
||||||
|
|
||||||
TokenBasedRememberMeServices services = new TokenBasedRememberMeServices();
|
|
||||||
services.setKey("key");
|
|
||||||
services.setUserDetailsService(new MockAuthenticationDao(user, false));
|
|
||||||
// services.afterPropertiesSet();
|
|
||||||
|
|
||||||
Cookie cookie = new Cookie(TokenBasedRememberMeServices.SPRING_SECURITY_REMEMBER_ME_COOKIE_KEY,
|
Cookie cookie = new Cookie(TokenBasedRememberMeServices.SPRING_SECURITY_REMEMBER_ME_COOKIE_KEY,
|
||||||
generateCorrectCookieContentForToken(System.currentTimeMillis() - 1000000, "someone", "password", "key"));
|
generateCorrectCookieContentForToken(System.currentTimeMillis() - 1000000, "someone", "password", "key"));
|
||||||
MockHttpServletRequest request = new MockHttpServletRequest();
|
MockHttpServletRequest request = new MockHttpServletRequest();
|
||||||
@ -139,74 +128,45 @@ public class TokenBasedRememberMeServicesTests extends TestCase {
|
|||||||
|
|
||||||
MockHttpServletResponse response = new MockHttpServletResponse();
|
MockHttpServletResponse response = new MockHttpServletResponse();
|
||||||
|
|
||||||
Authentication result = services.autoLogin(request, response);
|
assertNull(services.autoLogin(request, response));
|
||||||
|
|
||||||
assertNull(result);
|
|
||||||
|
|
||||||
Cookie returnedCookie = response.getCookie(TokenBasedRememberMeServices.SPRING_SECURITY_REMEMBER_ME_COOKIE_KEY);
|
Cookie returnedCookie = response.getCookie(TokenBasedRememberMeServices.SPRING_SECURITY_REMEMBER_ME_COOKIE_KEY);
|
||||||
assertNotNull(returnedCookie);
|
assertNotNull(returnedCookie);
|
||||||
assertEquals(0, returnedCookie.getMaxAge());
|
assertEquals(0, returnedCookie.getMaxAge());
|
||||||
}
|
}
|
||||||
|
|
||||||
public void testAutoLoginIfMissingThreeTokensInCookieValue() throws Exception {
|
@Test
|
||||||
UserDetails user = new User("someone", "password", true, true, true, true,
|
public void autoLoginReturnsNullAndClearsCookieIfMissingThreeTokensInCookieValue() throws Exception {
|
||||||
new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_ABC")});
|
|
||||||
|
|
||||||
TokenBasedRememberMeServices services = new TokenBasedRememberMeServices();
|
|
||||||
services.setKey("key");
|
|
||||||
services.setUserDetailsService(new MockAuthenticationDao(user, false));
|
|
||||||
//services.afterPropertiesSet();
|
|
||||||
|
|
||||||
Cookie cookie = new Cookie(TokenBasedRememberMeServices.SPRING_SECURITY_REMEMBER_ME_COOKIE_KEY,
|
Cookie cookie = new Cookie(TokenBasedRememberMeServices.SPRING_SECURITY_REMEMBER_ME_COOKIE_KEY,
|
||||||
new String(Base64.encodeBase64("x".getBytes())));
|
new String(Base64.encodeBase64("x".getBytes())));
|
||||||
MockHttpServletRequest request = new MockHttpServletRequest();
|
MockHttpServletRequest request = new MockHttpServletRequest();
|
||||||
request.setCookies(new Cookie[] {cookie});
|
request.setCookies(new Cookie[] {cookie});
|
||||||
|
|
||||||
MockHttpServletResponse response = new MockHttpServletResponse();
|
MockHttpServletResponse response = new MockHttpServletResponse();
|
||||||
|
assertNull(services.autoLogin(request, response));
|
||||||
Authentication result = services.autoLogin(request, response);
|
|
||||||
|
|
||||||
assertNull(result);
|
|
||||||
|
|
||||||
Cookie returnedCookie = response.getCookie(TokenBasedRememberMeServices.SPRING_SECURITY_REMEMBER_ME_COOKIE_KEY);
|
Cookie returnedCookie = response.getCookie(TokenBasedRememberMeServices.SPRING_SECURITY_REMEMBER_ME_COOKIE_KEY);
|
||||||
assertNotNull(returnedCookie);
|
assertNotNull(returnedCookie);
|
||||||
assertEquals(0, returnedCookie.getMaxAge());
|
assertEquals(0, returnedCookie.getMaxAge());
|
||||||
}
|
}
|
||||||
|
|
||||||
public void testAutoLoginIfNotBase64Encoded() throws Exception {
|
@Test
|
||||||
UserDetails user = new User("someone", "password", true, true, true, true,
|
public void autoLoginClearsNonBase64EncodedCookie() throws Exception {
|
||||||
new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_ABC")});
|
|
||||||
|
|
||||||
TokenBasedRememberMeServices services = new TokenBasedRememberMeServices();
|
|
||||||
services.setKey("key");
|
|
||||||
services.setUserDetailsService(new MockAuthenticationDao(user, false));
|
|
||||||
//services.afterPropertiesSet();
|
|
||||||
|
|
||||||
Cookie cookie = new Cookie(TokenBasedRememberMeServices.SPRING_SECURITY_REMEMBER_ME_COOKIE_KEY,
|
Cookie cookie = new Cookie(TokenBasedRememberMeServices.SPRING_SECURITY_REMEMBER_ME_COOKIE_KEY,
|
||||||
"NOT_BASE_64_ENCODED");
|
"NOT_BASE_64_ENCODED");
|
||||||
MockHttpServletRequest request = new MockHttpServletRequest();
|
MockHttpServletRequest request = new MockHttpServletRequest();
|
||||||
request.setCookies(new Cookie[] {cookie});
|
request.setCookies(new Cookie[] {cookie});
|
||||||
|
|
||||||
MockHttpServletResponse response = new MockHttpServletResponse();
|
MockHttpServletResponse response = new MockHttpServletResponse();
|
||||||
|
assertNull(services.autoLogin(request, response));
|
||||||
Authentication result = services.autoLogin(request, response);
|
|
||||||
|
|
||||||
assertNull(result);
|
|
||||||
|
|
||||||
Cookie returnedCookie = response.getCookie(TokenBasedRememberMeServices.SPRING_SECURITY_REMEMBER_ME_COOKIE_KEY);
|
Cookie returnedCookie = response.getCookie(TokenBasedRememberMeServices.SPRING_SECURITY_REMEMBER_ME_COOKIE_KEY);
|
||||||
assertNotNull(returnedCookie);
|
assertNotNull(returnedCookie);
|
||||||
assertEquals(0, returnedCookie.getMaxAge());
|
assertEquals(0, returnedCookie.getMaxAge());
|
||||||
}
|
}
|
||||||
|
|
||||||
public void testAutoLoginIfSignatureBlocksDoesNotMatchExpectedValue() throws Exception {
|
@Test
|
||||||
UserDetails user = new User("someone", "password", true, true, true, true,
|
public void autoLoginClearsCookieIfSignatureBlocksDoesNotMatchExpectedValue() throws Exception {
|
||||||
new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_ABC")});
|
jmock.checking(udsWillReturnUser);
|
||||||
|
|
||||||
TokenBasedRememberMeServices services = new TokenBasedRememberMeServices();
|
|
||||||
services.setKey("key");
|
|
||||||
services.setUserDetailsService(new MockAuthenticationDao(user, false));
|
|
||||||
//services.afterPropertiesSet();
|
|
||||||
|
|
||||||
Cookie cookie = new Cookie(TokenBasedRememberMeServices.SPRING_SECURITY_REMEMBER_ME_COOKIE_KEY,
|
Cookie cookie = new Cookie(TokenBasedRememberMeServices.SPRING_SECURITY_REMEMBER_ME_COOKIE_KEY,
|
||||||
generateCorrectCookieContentForToken(System.currentTimeMillis() + 1000000, "someone", "password",
|
generateCorrectCookieContentForToken(System.currentTimeMillis() + 1000000, "someone", "password",
|
||||||
"WRONG_KEY"));
|
"WRONG_KEY"));
|
||||||
@ -215,46 +175,31 @@ public class TokenBasedRememberMeServicesTests extends TestCase {
|
|||||||
|
|
||||||
MockHttpServletResponse response = new MockHttpServletResponse();
|
MockHttpServletResponse response = new MockHttpServletResponse();
|
||||||
|
|
||||||
Authentication result = services.autoLogin(request, response);
|
assertNull(services.autoLogin(request, response));
|
||||||
|
|
||||||
assertNull(result);
|
|
||||||
|
|
||||||
Cookie returnedCookie = response.getCookie(TokenBasedRememberMeServices.SPRING_SECURITY_REMEMBER_ME_COOKIE_KEY);
|
Cookie returnedCookie = response.getCookie(TokenBasedRememberMeServices.SPRING_SECURITY_REMEMBER_ME_COOKIE_KEY);
|
||||||
assertNotNull(returnedCookie);
|
assertNotNull(returnedCookie);
|
||||||
assertEquals(0, returnedCookie.getMaxAge());
|
assertEquals(0, returnedCookie.getMaxAge());
|
||||||
}
|
}
|
||||||
|
|
||||||
public void testAutoLoginIfTokenDoesNotContainANumberInCookieValue() throws Exception {
|
@Test
|
||||||
UserDetails user = new User("someone", "password", true, true, true, true,
|
public void autoLoginClearsCookieIfTokenDoesNotContainANumberInCookieValue() throws Exception {
|
||||||
new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_ABC")});
|
|
||||||
|
|
||||||
TokenBasedRememberMeServices services = new TokenBasedRememberMeServices();
|
|
||||||
services.setKey("key");
|
|
||||||
services.setUserDetailsService(new MockAuthenticationDao(user, false));
|
|
||||||
//services.afterPropertiesSet();
|
|
||||||
|
|
||||||
Cookie cookie = new Cookie(TokenBasedRememberMeServices.SPRING_SECURITY_REMEMBER_ME_COOKIE_KEY,
|
Cookie cookie = new Cookie(TokenBasedRememberMeServices.SPRING_SECURITY_REMEMBER_ME_COOKIE_KEY,
|
||||||
new String(Base64.encodeBase64("username:NOT_A_NUMBER:signature".getBytes())));
|
new String(Base64.encodeBase64("username:NOT_A_NUMBER:signature".getBytes())));
|
||||||
MockHttpServletRequest request = new MockHttpServletRequest();
|
MockHttpServletRequest request = new MockHttpServletRequest();
|
||||||
request.setCookies(new Cookie[] {cookie});
|
request.setCookies(new Cookie[] {cookie});
|
||||||
|
|
||||||
MockHttpServletResponse response = new MockHttpServletResponse();
|
MockHttpServletResponse response = new MockHttpServletResponse();
|
||||||
|
assertNull(services.autoLogin(request, response));
|
||||||
Authentication result = services.autoLogin(request, response);
|
|
||||||
|
|
||||||
assertNull(result);
|
|
||||||
|
|
||||||
Cookie returnedCookie = response.getCookie(TokenBasedRememberMeServices.SPRING_SECURITY_REMEMBER_ME_COOKIE_KEY);
|
Cookie returnedCookie = response.getCookie(TokenBasedRememberMeServices.SPRING_SECURITY_REMEMBER_ME_COOKIE_KEY);
|
||||||
assertNotNull(returnedCookie);
|
assertNotNull(returnedCookie);
|
||||||
assertEquals(0, returnedCookie.getMaxAge());
|
assertEquals(0, returnedCookie.getMaxAge());
|
||||||
}
|
}
|
||||||
|
|
||||||
public void testAutoLoginIfUserNotFound() throws Exception {
|
@Test
|
||||||
TokenBasedRememberMeServices services = new TokenBasedRememberMeServices();
|
public void autoLoginClearsCookieIfUserNotFound() throws Exception {
|
||||||
services.setKey("key");
|
jmock.checking(udsWillThrowNotFound);
|
||||||
services.setUserDetailsService(new MockAuthenticationDao(null, true));
|
|
||||||
//services.afterPropertiesSet();
|
|
||||||
|
|
||||||
Cookie cookie = new Cookie(TokenBasedRememberMeServices.SPRING_SECURITY_REMEMBER_ME_COOKIE_KEY,
|
Cookie cookie = new Cookie(TokenBasedRememberMeServices.SPRING_SECURITY_REMEMBER_ME_COOKIE_KEY,
|
||||||
generateCorrectCookieContentForToken(System.currentTimeMillis() + 1000000, "someone", "password", "key"));
|
generateCorrectCookieContentForToken(System.currentTimeMillis() + 1000000, "someone", "password", "key"));
|
||||||
MockHttpServletRequest request = new MockHttpServletRequest();
|
MockHttpServletRequest request = new MockHttpServletRequest();
|
||||||
@ -262,24 +207,16 @@ public class TokenBasedRememberMeServicesTests extends TestCase {
|
|||||||
|
|
||||||
MockHttpServletResponse response = new MockHttpServletResponse();
|
MockHttpServletResponse response = new MockHttpServletResponse();
|
||||||
|
|
||||||
Authentication result = services.autoLogin(request, response);
|
assertNull(services.autoLogin(request, response));
|
||||||
|
|
||||||
assertNull(result);
|
|
||||||
|
|
||||||
Cookie returnedCookie = response.getCookie(TokenBasedRememberMeServices.SPRING_SECURITY_REMEMBER_ME_COOKIE_KEY);
|
Cookie returnedCookie = response.getCookie(TokenBasedRememberMeServices.SPRING_SECURITY_REMEMBER_ME_COOKIE_KEY);
|
||||||
assertNotNull(returnedCookie);
|
assertNotNull(returnedCookie);
|
||||||
assertEquals(0, returnedCookie.getMaxAge());
|
assertEquals(0, returnedCookie.getMaxAge());
|
||||||
}
|
}
|
||||||
|
|
||||||
public void testAutoLoginWithValidToken() throws Exception {
|
@Test
|
||||||
UserDetails user = new User("someone", "password", true, true, true, true,
|
public void autoLoginWithValidTokenAndUserSucceeds() throws Exception {
|
||||||
new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_ABC")});
|
jmock.checking(udsWillReturnUser);
|
||||||
|
|
||||||
TokenBasedRememberMeServices services = new TokenBasedRememberMeServices();
|
|
||||||
services.setKey("key");
|
|
||||||
services.setUserDetailsService(new MockAuthenticationDao(user, false));
|
|
||||||
// services.afterPropertiesSet();
|
|
||||||
|
|
||||||
Cookie cookie = new Cookie(TokenBasedRememberMeServices.SPRING_SECURITY_REMEMBER_ME_COOKIE_KEY,
|
Cookie cookie = new Cookie(TokenBasedRememberMeServices.SPRING_SECURITY_REMEMBER_ME_COOKIE_KEY,
|
||||||
generateCorrectCookieContentForToken(System.currentTimeMillis() + 1000000, "someone", "password", "key"));
|
generateCorrectCookieContentForToken(System.currentTimeMillis() + 1000000, "someone", "password", "key"));
|
||||||
MockHttpServletRequest request = new MockHttpServletRequest();
|
MockHttpServletRequest request = new MockHttpServletRequest();
|
||||||
@ -290,16 +227,12 @@ public class TokenBasedRememberMeServicesTests extends TestCase {
|
|||||||
Authentication result = services.autoLogin(request, response);
|
Authentication result = services.autoLogin(request, response);
|
||||||
|
|
||||||
assertNotNull(result);
|
assertNotNull(result);
|
||||||
|
assertEquals(user, result.getPrincipal());
|
||||||
UserDetails resultingUserDetails = (UserDetails) result.getPrincipal();
|
|
||||||
|
|
||||||
assertEquals(user, resultingUserDetails);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@Test
|
||||||
public void testGettersSetters() {
|
public void testGettersSetters() {
|
||||||
TokenBasedRememberMeServices services = new TokenBasedRememberMeServices();
|
assertEquals(uds, services.getUserDetailsService());
|
||||||
services.setUserDetailsService(new MockAuthenticationDao(null, false));
|
|
||||||
assertTrue(services.getUserDetailsService() != null);
|
|
||||||
|
|
||||||
services.setKey("d");
|
services.setKey("d");
|
||||||
assertEquals("d", services.getKey());
|
assertEquals("d", services.getKey());
|
||||||
@ -312,11 +245,9 @@ public class TokenBasedRememberMeServicesTests extends TestCase {
|
|||||||
assertEquals(12, services.getTokenValiditySeconds());
|
assertEquals(12, services.getTokenValiditySeconds());
|
||||||
}
|
}
|
||||||
|
|
||||||
public void testLoginFail() {
|
@Test
|
||||||
TokenBasedRememberMeServices services = new TokenBasedRememberMeServices();
|
public void loginFailClearsCookie() {
|
||||||
MockHttpServletRequest request = new MockHttpServletRequest();
|
MockHttpServletRequest request = new MockHttpServletRequest();
|
||||||
request.setRequestURI("fv");
|
|
||||||
|
|
||||||
MockHttpServletResponse response = new MockHttpServletResponse();
|
MockHttpServletResponse response = new MockHttpServletResponse();
|
||||||
services.loginFail(request, response);
|
services.loginFail(request, response);
|
||||||
|
|
||||||
@ -325,10 +256,10 @@ public class TokenBasedRememberMeServicesTests extends TestCase {
|
|||||||
assertEquals(0, cookie.getMaxAge());
|
assertEquals(0, cookie.getMaxAge());
|
||||||
}
|
}
|
||||||
|
|
||||||
public void testLoginSuccessIgnoredIfParameterNotSetOrFalse() {
|
@Test
|
||||||
|
public void loginSuccessIgnoredIfParameterNotSetOrFalse() {
|
||||||
TokenBasedRememberMeServices services = new TokenBasedRememberMeServices();
|
TokenBasedRememberMeServices services = new TokenBasedRememberMeServices();
|
||||||
MockHttpServletRequest request = new MockHttpServletRequest();
|
MockHttpServletRequest request = new MockHttpServletRequest();
|
||||||
request.setRequestURI("d");
|
|
||||||
request.addParameter(TokenBasedRememberMeServices.DEFAULT_PARAMETER, "false");
|
request.addParameter(TokenBasedRememberMeServices.DEFAULT_PARAMETER, "false");
|
||||||
|
|
||||||
MockHttpServletResponse response = new MockHttpServletResponse();
|
MockHttpServletResponse response = new MockHttpServletResponse();
|
||||||
@ -338,12 +269,11 @@ public class TokenBasedRememberMeServicesTests extends TestCase {
|
|||||||
assertNull(cookie);
|
assertNull(cookie);
|
||||||
}
|
}
|
||||||
|
|
||||||
public void testLoginSuccessNormalWithNonUserDetailsBasedPrincipal() {
|
@Test
|
||||||
TokenBasedRememberMeServices services = new TokenBasedRememberMeServices();
|
public void loginSuccessNormalWithNonUserDetailsBasedPrincipalSetsExpectedCookie() {
|
||||||
// SEC-822
|
// SEC-822
|
||||||
services.setTokenValiditySeconds(500000000);
|
services.setTokenValiditySeconds(500000000);
|
||||||
MockHttpServletRequest request = new MockHttpServletRequest();
|
MockHttpServletRequest request = new MockHttpServletRequest();
|
||||||
request.setRequestURI("d");
|
|
||||||
request.addParameter(TokenBasedRememberMeServices.DEFAULT_PARAMETER, "true");
|
request.addParameter(TokenBasedRememberMeServices.DEFAULT_PARAMETER, "true");
|
||||||
|
|
||||||
MockHttpServletResponse response = new MockHttpServletResponse();
|
MockHttpServletResponse response = new MockHttpServletResponse();
|
||||||
@ -360,15 +290,12 @@ public class TokenBasedRememberMeServicesTests extends TestCase {
|
|||||||
assertTrue(new Date().before(new Date(determineExpiryTimeFromBased64EncodedToken(cookie.getValue()))));
|
assertTrue(new Date().before(new Date(determineExpiryTimeFromBased64EncodedToken(cookie.getValue()))));
|
||||||
}
|
}
|
||||||
|
|
||||||
public void testLoginSuccessNormalWithUserDetailsBasedPrincipal() {
|
@Test
|
||||||
TokenBasedRememberMeServices services = new TokenBasedRememberMeServices();
|
public void loginSuccessNormalWithUserDetailsBasedPrincipalSetsExpectedCookie() {
|
||||||
MockHttpServletRequest request = new MockHttpServletRequest();
|
MockHttpServletRequest request = new MockHttpServletRequest();
|
||||||
request.setRequestURI("d");
|
|
||||||
request.addParameter(TokenBasedRememberMeServices.DEFAULT_PARAMETER, "true");
|
request.addParameter(TokenBasedRememberMeServices.DEFAULT_PARAMETER, "true");
|
||||||
|
|
||||||
MockHttpServletResponse response = new MockHttpServletResponse();
|
MockHttpServletResponse response = new MockHttpServletResponse();
|
||||||
UserDetails user = new User("someone", "password", true, true, true, true,
|
|
||||||
new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_ABC")});
|
|
||||||
services.loginSuccess(request, response, new TestingAuthenticationToken("someone", "password","ROLE_ABC"));
|
services.loginSuccess(request, response, new TestingAuthenticationToken("someone", "password","ROLE_ABC"));
|
||||||
|
|
||||||
Cookie cookie = response.getCookie(TokenBasedRememberMeServices.SPRING_SECURITY_REMEMBER_ME_COOKIE_KEY);
|
Cookie cookie = response.getCookie(TokenBasedRememberMeServices.SPRING_SECURITY_REMEMBER_ME_COOKIE_KEY);
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user